CVE CVE-2022-25635

Title Realtek Linux/Android Bluetooth Mesh SDK — An Out-of-bound 
Write Due to Abnormal BLE Advertising Length 

Description In its initial state, the SDK allocates just enough buffer for each
advertising packet. An attacker broadcasts advertising packets with an
abnormal data length, larger than the maximum length defined in the
specification. Our device scans these packets and delivers them to the
mesh SDK, which copies them into the insufficient buffer, and a buffer
overflow occurs.

Severity Medium 

CVSSv3 Base score 5.3

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C: *H/E:U/RL:O/RC:C

Vulnerability Type Denial of Service

CWE CWE-120: Buffer Copy without Checking Size of Input ('Classic
Buffer Overflow'). The program copies an input buffer to an output
buffer without verifying that the size of the input buffer is less than the
size of the output buffer, leading to a buffer overflow.

Affected Chipsets 8723DS

Affected Software Versions Older tha D ‘17-4.17-20220127
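
The unchecked copy named in the Description and CWE-120 rows, next to a length-checked form, as an added example in C that is not Realtek's SDK code. The `adv_slot` type, both function names and the 31-octet limit (the legacy advertising data maximum in the Bluetooth Core Specification) are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Assumption: legacy advertising data is at most 31 octets (Bluetooth Core spec). */
#define ADV_DATA_MAX 31

/* Hypothetical slot type; the advisory does not show the SDK's real structures. */
struct adv_slot {
    uint8_t len;
    uint8_t data[ADV_DATA_MAX];
};

/* Pattern the advisory describes: the reported length is trusted, so a
 * report longer than the slot writes past data[]. Shown for contrast only. */
void adv_store_unchecked(struct adv_slot *slot, const uint8_t *rpt, size_t rpt_len)
{
    memcpy(slot->data, rpt, rpt_len);
    slot->len = (uint8_t)rpt_len;
}

/* Hardened form: reject over-length reports before copying, then walk the
 * AD structures (length, type, value) so that no inner length field points
 * past the end of the report. Returns 0 on success, -1 if the report is dropped. */
int adv_store_checked(struct adv_slot *slot, const uint8_t *rpt, size_t rpt_len)
{
    if (slot == NULL || rpt == NULL || rpt_len > sizeof slot->data)
        return -1;
    for (size_t off = 0; off < rpt_len; ) {
        size_t ad_len = rpt[off];          /* counts the type and value octets */
        if (ad_len == 0)
            break;                         /* zero length ends the significant data */
        if (ad_len > rpt_len - off - 1)
            return -1;                     /* AD structure overruns the report */
        off += ad_len + 1;
    }
    memcpy(slot->data, rpt, rpt_len);
    slot->len = (uint8_t)rpt_len;
    return 0;
}
```

Dropping the report at the scan boundary keeps an over-length packet from ever reaching code that assumes the slot size.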